-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 28 Dec 2025 15:15:31 +0100 Source: mediawiki Architecture: source Version: 1:1.35.13-1+deb11u6 Distribution: bullseye-security Urgency: high Maintainer: Kunal Mehta <[email protected]> Changed-By: Guilhem Moulin <[email protected]> Changes: mediawiki (1:1.35.13-1+deb11u6) bullseye-security; urgency=high . * Non-maintainer upload by the LTS Team. * Fix CVE-2025-67475: Escape square brackets in autocomment links. * Fix CVE-2025-67478: Always escape commas in distinct values from RFC 2822 style headers. * Fix CVE-2025-67479: Sanitizer: disallow underscore and wide underscore in `data-*` attribute names. * Fix CVE-2025-67480: Check read permissions in `ApiQueryRevisionsBase`. * Fix CVE-2025-67481: Disallow `style` attribute in client-side messages (jqueryMsg). * Fix CVE-2025-67482 (Scribunto extension): Lua segfault in unpack(). * Fix CVE-2025-67484: Don't allow users with the `editinterface` permission to perform XSS by default. If the former unsafe behavior is desired, is can be re-enabled by setting `$wgEnableUnsafeXsltOption` to true. Checksums-Sha1: b7adf79d71546efe3544d9b79dc0894969365da7 2426 mediawiki_1.35.13-1+deb11u6.dsc fc6a0092fc13601b40cf223a9679aecb334fab41 52025948 mediawiki_1.35.13.orig.tar.gz b3e2fe47c3e14e21cead561df099f99e5b79dc05 195 mediawiki_1.35.13.orig.tar.gz.asc 812e9aee5874caf5bd6947e3e29593ca4b85bcce 131800 mediawiki_1.35.13-1+deb11u6.debian.tar.xz 8892c3b36faf853cb8920f867bd9520ff4aadc4a 5913 mediawiki_1.35.13-1+deb11u6_source.buildinfo Checksums-Sha256: e403b385bf574ed3e3d68523e453255b5f1441772d13373abe8d4672fa9ceced 2426 mediawiki_1.35.13-1+deb11u6.dsc 2a9700ce193db1932db7be3e1bfddf135d622d4399ba6bd6d0570e451db63b61 52025948 mediawiki_1.35.13.orig.tar.gz 08755b8c39509e75b0326d13d52e834decdce93ed3efc48b689f7615860d2c58 195 mediawiki_1.35.13.orig.tar.gz.asc c347594e0ddb22ade187c92ff63ed3b9c42c10020da97e4ec5b49c69c756a969 131800 mediawiki_1.35.13-1+deb11u6.debian.tar.xz 65f6159506d1862f33e1f1ae5123617603ede3ed28a82605bdb0ded8d1874bb6 5913 mediawiki_1.35.13-1+deb11u6_source.buildinfo Files: 9264a91d74c0888835d825f6098b38ae 2426 web optional mediawiki_1.35.13-1+deb11u6.dsc 5a860e14a8fac89a5964fa9c1695041e 52025948 web optional mediawiki_1.35.13.orig.tar.gz 5b4f4d652eb606eaf059b91b4e3e467b 195 web optional mediawiki_1.35.13.orig.tar.gz.asc bde2212f53e23170df80ed44bfb6cc02 131800 web optional mediawiki_1.35.13-1+deb11u6.debian.tar.xz 51629b32e882d5dd0bff8f0ba804654e 5913 web optional mediawiki_1.35.13-1+deb11u6_source.buildinfo
-----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEERpy6p3b9sfzUdbME05pJnDwhpVIFAmlS8JoACgkQ05pJnDwh pVIj9w//Ultup6P8upvAuGFzicqU78XP447V7GxQmN8OK4DE2Nb8ubzJom72VG3E J9yD8voUCeKo9iNmzFBgw8wbqjAIb2sWFL85uLuaJCZJBuAUnJr5HmCkTdNwggPX wLerHRUYkyfHaiaSa6BJ5UTAcIAUt7c/ezMvuQ4vWcsukTezp2tcL68MNGFy9o2j zce0mpJTFocfUkjiqrs7Qvy4xbF2YWUVvPaCmltSzalNwI6ozENPPjK1MizO3UBK /feZGl42JkBZc8EH2QhpsgcO1pzuCjOQE9+ZGssSyrCcXEPxQT2VlhNW8+6IzkMF 3BDiO35AqnLqN7V4F3K0JkWdgFmP22uRg05D6zE8sSFuBbqNyvrIE5ENRj7jkUTM y6jQVqD5BAhigb9LLjiI6NMUm1Lshy8iqEQv2hSN9lEzml0Esu44J1ZgNlt8FvFg 0dhEJpnH+SO2XoWTX81kSw9RsE3pEG5I0Wjm36eOvB11xC8bdmbqFRlub4uEB4Oi 6/o7eHvTmyhQf4DZu9EeJA/YaZ9cfh8l/Y54SZvktd0tmtkeERar2PR76R+U72dK DtnNXW4/7hNB4bUhTNn7jNn6w4dUoVY/WYrluFNLzLyu2xV6siWbRzJmQdkicQTo OAbLe8eYABUKSuChathf9RltQXBAEXsRzmUXn9xBCxarC7mStgM= =NRC4 -----END PGP SIGNATURE-----
pgp7RzdrAYMkL.pgp
Description: PGP signature
